package com.xiaobai.conf;

import com.xiaobai.handler.MyAccessDeniedHandler;
import com.xiaobai.handler.MyAuthenticationFailureHandler;
import com.xiaobai.handler.MyAuthenticationSuccessHandler;
import com.xiaobai.service.impl.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.stereotype.Component;

import javax.sql.DataSource;

/**
 * @author yangdaji
 * @version 1.0 @Description:
 * @date 22-2-15 上午 11:56
 */
@Component
public class PassEncoderConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private MyAccessDeniedHandler accessDeniedHandler;

    @Autowired
    private UserDetailsServiceImpl userDetailsService;

    @Autowired
    private DataSource dataSource;

    @Autowired
    private PersistentTokenRepository persistentTokenRepository;

    @Bean
    public PasswordEncoder getPasswordEncoder() {
        return new SCryptPasswordEncoder();
    }

    @Bean
    public PersistentTokenRepository getPersistentTokenRepository() {
        JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
        //设置数据源
        jdbcTokenRepository.setDataSource(dataSource);
        //设置第一次启动创建对应的数据表,可以先启动后创建表,关闭这个
        // jdbcTokenRepository.setCreateTableOnStartup(true);
        return jdbcTokenRepository;
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.formLogin()
                .loginProcessingUrl("/login")
                // .loginPage("/tologin.html")
                .loginPage("/showLogin")
                // .successForwardUrl("/toMain")
                .successHandler(new MyAuthenticationSuccessHandler("/main.html"))
                // .failureForwardUrl("/toError")
                .failureHandler(new MyAuthenticationFailureHandler("error.html"))
                .usernameParameter("user")
                .passwordParameter("pass");

        http.authorizeRequests()
                .antMatchers("/tologin.html").permitAll()
                .antMatchers("/error.html").permitAll()
                // .antMatchers("/js/**,/css/**").permitAll()
                .antMatchers("/showLogin").permitAll()
                .antMatchers("/logout").permitAll()
                .antMatchers("/main.html").permitAll()
                // .mvcMatchers("/toMain2").servletPath("/prefix").permitAll()
                // .antMatchers("/prefix/toMain2").permitAll()
                // .antMatchers("/main.html").hasAnyAuthority("admiN")
                // .antMatchers("/main.html").hasIpAddress("127.0.0.1")
                .antMatchers("/toMain2").permitAll()
                //表示任何请求需要认证
                // .anyRequest().authenticated();
                .anyRequest().access("@myServiceImpl.hasPermission(request,authentication)");

        http.rememberMe()
                //令牌失效时间
                .tokenValiditySeconds(5)
                .rememberMeParameter("remember")
                //自定义登录逻辑
                .userDetailsService(userDetailsService)
                //自定义持久层对象
                .tokenRepository(persistentTokenRepository);

        //退出登录
        // http.logout().logoutSuccessUrl("/tologin.html");
        http.logout().logoutSuccessUrl("/showLogin");

        //自定义异常
        http.exceptionHandling().accessDeniedHandler(accessDeniedHandler);
        //关闭csrf(类似防火墙)
        // http.csrf().disable();
    }
}
